14 DAY TRIAL // A security glitch in the web server present in several Cisco Wireless Residential Gateway products could be exploited by an attacker to execute code remotely and has been addressed by the developer.
The vulnerability, a buffer overflow, occurred because of incorrect validation of HTTP requests. As such, the intruder had the opportunity to exploit it by sending malicious HTTP requests to the affected device.
By doing so, they would cause the web server to crash, which allowed them to inject commands and execute code with elevated privileges. Cisco says that the vulnerability is exploitable regardless if the device is set up to work in router or gateweway mode.
So far, Cisco is not aware of the security flaw being leveraged in the wild and urges its customers to install the update as soon as possible.
The severity of the issue is high, as the attacker does not need to be authenticated in order to breach the system, and the complexity level is low.
A list with the devices affected includes the following:
- Cisco DPC3212 VoIP Cable Modem - Cisco DPC3825 8x4 DOCSIS 3.0 Wireless Residential Gateway - Cisco EPC3212 VoIP Cable Modem - Cisco EPC3825 8x4 DOCSIS 3.0 Wireless Residential Gateway - Cisco Model DPC3010 DOCSIS 3.0 8x4 Cable Modem - Cisco Model DPC3925 8x4 DOCSIS 3.0 with Wireless Residential Gateway with EDVA - Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with EDVA - Cisco Model EPC3010 DOCSIS 3.0 Cable Modem - Cisco Model EPC3925 8x4 DOCSIS 3.0 with Wireless Residential Gateway with EDVA.